<?php

/**
 * @category   Ahs
 * @package    Ahs_Acl * 
 * @author     Thibaut Cromphaut, Gaïtano Boeraeve, Matthias Mercy
 * @copyright  Copyright (c) 2011 memorygame
 */


class Ahs_Acl extends Zend_Acl
{

    public function __construct($amf = false)
    {
        $this->addRole(new Zend_Acl_Role('admin' )                 ) // ingelogde admin 
             ->addRole(new Zend_Acl_Role('Player'), array('admin' )) // ingelogde senior erft over van admin   
             ->addRole(new Zend_Acl_Role('guest' )) 
             ;   
                
        if ($amf) {
            $this->_initAmf();
        } else {
            $this->_init();
        }
    }
    
    private function _init()
    {
           $this->allow('admin') // Geef rol 'admin' toegang tot alle resources met alle privileges.

                // defaultModule
                ->addResource('defaultModule')
                ->allow(null, 'defaultModule') // Geef alle rollen toegang tot resource 'defaultModule'

                ->addResource('errorController')
                ->allow(null, 'errorController')

                ->addResource('indexController')
                ->allow(null, 'indexController') // Geef alle rollen toegang tot resource 'indexController'

                ->addResource('userController')
                ->allow(null, 'userController')
                ->deny('guest'  , 'userController', 'logoutAction') // wordt overgeërfd door member en admin!
                ->allow('Player', 'userController')
                ->deny('Player' , 'userController', 'registrationAction') // Rol 'member' (en 'admin' door overerving) hebben geen toegang tot privilege 'registrationAction' in resouce 'userController'
                    
                ->addResource('worldController')
                ->allow(null, 'worldController')
                
                ->addResource('levelController')
                ->allow(null, 'levelController')
                    
                ->addResource('highscoreController')
                ->allow(null, 'highscoreController')
                    
             //////////////////////////////////////////
             ///////////Guest AUTHORIZATIONS///////////
             //////////////////////////////////////////
                
             ->deny( 'guest'  , 'worldController') 
             ->deny( 'guest'  , 'levelController') 
             ->deny( 'guest'  , 'highscoreController') 
                 
             ///////////////////////////////////////////
             ///////////Admin AUTHORIZATIONS////////////
             ///////////////////////////////////////////
             ->deny( 'admin' , 'userController', array(
                                                    'loginAction',
                                                    'registrationAction',
                                                  ))    

           
             // serviceModule
             ->addResource('serviceModule')
             ->allow(null, 'serviceModule')
             ->addResource('serviceModule.gatewayController')
             ->allow(null, 'serviceModule.gatewayController') 
        ;
        
    }
    
    private function _initAmf()
    {
        $this->addResource('Service_GatewayService')
             ->allow(null, 'Service_GatewayService');
    }
}
?>
